iptables and port forwarding


miteycasey
11-12-2002, 06:00 PM
Here is what I'm trying to accomplish using IPtables.
I have a user that will be using VPN to come through the firewall. I'm only wanting this user
(by IP) to be the only one with access to the VPN.

Here is what I have so far.
iptables -A FOWARD -i eth0 -p 1743 -s (his ip) -d 172.16.1.1

Is this correct?
Do I need anything else or is it that simple?

Admstng
06-16-2003, 10:56 PM
BUMP.. doing this now, and also stuck.. anyone do this?.. thanks

je_fro
06-16-2003, 11:09 PM
iptables -A FORWARD -i eth0 -p tcp --dport 1743 -s (his ip) -d 172.16.1.1 -j ACCEPT

I use stuff like this for port forwarding, though.

iptables -A FORWARD -j ACCEPT -p tcp --dport 1743
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1743 -j DNAT --to 192.168.0.1:1743

Admstng
06-16-2003, 11:16 PM
That's the only port to forward? 1743? I thought VPNs connect on more than 1 port?

je_fro
06-16-2003, 11:51 PM
I have a stateful firewall, so I guess anything RELATED would go through,
I'm just saying "-j ACCEPT" for sure....
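
An added example, not part of the original thread: the DNAT and FORWARD rules from the replies combined with the single-source restriction the first post asks for, printed for review rather than applied. The function names and the source address 203.0.113.10 (a documentation address) are constructed; eth0, TCP port 1743 and 172.16.1.1 are taken from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): print, without applying, iptables rules
# that forward one TCP port to an internal host for a single source address.

# valid_ipv4 ADDR: succeed only for a dotted quad with each octet in 0-255.
# Rejecting anything else keeps shell metacharacters out of the emitted rules.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# vpn_forward_rules SRC DEST PORT [WAN_IF]: write the rule set to stdout.
vpn_forward_rules() {
    src=$1; dest=$2; port=$3; wan=${4:-eth0}
    valid_ipv4 "$src"  || { echo "bad source address: $src" >&2; return 1; }
    valid_ipv4 "$dest" || { echo "bad destination address: $dest" >&2; return 1; }
    case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
        { echo "bad port: $port" >&2; return 1; }
    case "$wan" in ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $wan" >&2; return 1 ;; esac

    cat <<EOF
iptables -t nat -A PREROUTING -i $wan -p tcp -s $src --dport $port -j DNAT --to-destination $dest:$port
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $wan -p tcp -s $src -d $dest --dport $port -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i $wan -p tcp --dport $port -j DROP
EOF
    # Rule 1: only the allowed source is rewritten to the internal host.
    # Rule 2: replies and related flows of accepted connections pass.
    # Rule 3: new connections are accepted from that one source only.
    # Rule 4: any other routed traffic to the port from the WAN side is dropped.
}

# Constructed sample invocation; pipe the output to "sh" as root to apply it.
vpn_forward_rules 203.0.113.10 172.16.1.1 1743
```

Because the rules are appended with -A, they only take effect as written if no earlier FORWARD rule already accepts the port from any source.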